Christopher Davis is CEO of cybersecurity firm HYAS InfoSec in Nanaimo.

Nanaimo cybersecurity expert helps evaluate campaign e-mail server

NANAIMO - Christopher Davis, CEO of HYAS InfoSec, called to consult on Trump-Russia computer links.

A Nanaimo cybersecurity expert was recently called upon to help shed light on cryptic information gleaned from a computer scientist about communications between the Trump presidential campaign and a Russian bank.

The computer scientist, who goes by the alias Tea Leaves, is one of just a few people worldwide entrusted with a list of nearly all the web servers in the world who hunt malware, programming such as viruses and other hostile software that can damage networks, disrupt communication and control systems, steal information or commit other malicious acts. Their work helps protect private users, businesses, governments, anyone connected to the Internet.

To communicate, the Internet uses a set of protocols called the Domain Name System or DNS – similar to  street address or phone numbers – to ensure information is passed between its intended senders and recipients. In late July, some DNS data caught Tea Leaves’ eye that has led to reports in the news media suggesting an e-mail server owned by U.S. presidential candidate Donald Trump was in communication with Russia.

“What we’re seeing here is that Alpha Bank in Russia is doing lots and lots of these phonebook lookups for this [e-mail] server connected to the Trump organization,” said Christopher Davis, founder and CEO of Nanaimo-based cybersecurity firm HYAS InfoSec, who was called upon to consult on the data.

Davis received the U.S. Federal Bureau of Investigation’s Director’s Award in 2013 for bringing down an international network of more than 15 million computers, hijacked by malware to steal passwords, credit card numbers and personal data in 2009. His work helped prosecute a Slovenian and two Spaniards behind the scheme.

The Trump e-mail server appeared to be set up for mass marketing the Trump Card Privileges Program, but based on the data Davis looked at, the e-mail server appeared to be talking to only two places, an Alpha Bank server in Russia and another at U.S.-based Spectrum Health.

“If I’m setting up a marketing mail server, what kind of [poor] marketing am I doing if I’m only sending out marketing messages to two places?” Davis said. “Those are the questions I have and there’s no good answer for them. I don’t know what the answer is.”

Unfortunately, reading DNS data doesn’t reveal communication content. What it does reveal are patterns that can indicate whether communications are being sent automatically by malware or by people typing at keyboards. Davis thinks it’s the latter, but said he can’t draw any conclusions about who they are or what’s being communicated.

“There was like five of us that sort of went over this with a fine-tooth comb and looked at it pretty deeply. There’s a bunch of weirdness to it that doesn’t match anything in my 20 years, 25 years of doing IT that I’ve ever seen before,” Davis said. “It’s just that I’ve never seen anyone set up to send spam to two people. It’s kind of a ridiculous thing to do.”

Just Posted

B.C. Ferries vessel breaks down right before long weekend

Horseshoe Bay-Langdale route impacted most, two Departure Bay sailings cancelled

Nanaimo man gets jail time for posting explicit photos of ex-girlfriends

Man’s name cannot be revealed to protect victims’ identities

Olympic skier from Nanaimo suing Alpine Canada after coach’s sex offences

Bertrand Charest was convicted in 2017 on 37 charges

Learn to build a telescope with Nanaimo Astronomy Society

Learn how to build or improve a telescope at the society’s meeting Thursday, June 27

Nanaimo police dog’s bark puts a stop to chainsaw theft

Suspect decides bite might be worse than bark when confronted by RCMP service dog Monday

SUV rolls over in crash in north Nanaimo

Accident happened on Rutherford Road on Wednesday afternoon

Readers vote for Nanaimo’s Best of the City

Complete results of the Nanaimo News Bulletin’s 2019 survey

Air North starts up non-stop flights from Nanaimo to Kelowna

Company running charter flights to Watson Lake, Yukon, including stops in Kelowna and Prince George

Nanaimo RCMP issue warning about counterfeit $100 bills

Fake $100 bill successfully passed at pharmacy on Bowen Road this month

Man appealing conviction for drive-by shooting attempt in Nanaimo

Armaan Singh Chandi was sentenced to nine years in jail in B.C. Supreme Court last month

Pirates hang on to beat neighbouring Royals

Nanaimo beats Parksville 2-0 in B.C. Premier Baseball League action

Pedestrian struck by vehicle in Stz’uminus dies from injuries

A male pedestrian was struck in the early morning of June 25

Foot ferry service in Nanaimo won’t happen this summer

Island Ferries says it still needs to secure funding

Every situation is different, jurors hear at coroners inquest into Oak Bay teen’s overdose death

Pediatrician says involuntary treatment necessary following overdose, opioid use

Most Read